eDir 8.8.2 ftf2

My customer has many different applications that connect successfully
to eDirectory via LDAP over SSL. They have one such application that is
able to connect using non-SSL, but we see an error in an LDAP trace when
trying to connect via SSL.

------------------------------------
[2010/01/19 9:28:47.541] DoTLSHandshake on connection 0x45fc76c0
[2010/01/19 9:28:47.542] TLS accept failure 1 on connection 0x45fc76c0,
setting err = -5875. Error stack:
error:1408A0C1: SSL routines: SSL3_GET_CLIENT_HELLO:no shared cipher
[2010/01/19 9:28:47.542] TLS handshake failed on connection 0x45fc76c0,
err = -5875
------------------------------------

The application is trying to make a connection via java to LDAP to pull
user information from eDirectory into Oracle OID. OID version is
10.1.4.3

I've been told that the cipher suite support from Oracle is:

TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
SSL2_RC4_128_WITH_MD5
TLS_DH_anon_WITH_RC4_128_MD5
TLS_DH_anon_WITH_DES_CBC_SHA
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA

Questions:
Do any of the cipher suites listed above work with eDirectory?
What cipher suites does eDirectory support?
Can eDirectory be expanded to support one or more of the above Oracle
cipher suites?

Thanks!
Mike


--
mbristow
------------------------------------------------------------------------
mbristow's Profile: http://forums.novell.com/member.php?userid=2538
View this thread: http://forums.novell.com/showthread.php?t=399778